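---
# tasks file for linux_get-expiring-tokens-az
#
# Queries Azure AD for service principals in the tenant given by
# AZURE_TENANT, prints them, then looks up the password credentials of one
# app registration.

# Disabled earlier drafts, kept for reference.
# NOTE(review): before re-enabling any of these:
#   * the uri task sends a bearer token in a header; consider `no_log: true`
#     so the token is not echoed in verbose job output.
#   * the second draft hard-codes a tenant id; the active tasks below use
#     "{{ AZURE_TENANT }}" instead.
#   * `has()` does not appear to be a JMESPath built-in function; verify
#     the query.
#
# - name: Get list of expiring app registration secret keys
#   uri:
#     url: https://graph.microsoft.com/v1.0/applications
#     headers:
#       Authorization: "Bearer {{ access_token }}"
#       Content-Type: "application/json"
#     return_content: yes
#   register: app_registrations
#
# - name: Get all Azure app registrations
#   azure.azcollection.azure_rm_adserviceprincipal_info:
#     tenant: 03a0b8f2-7896-4d4d-bd81-9d6314ae3e15
#   register: service_principals
#
# - name: Get expiring secrets
#   set_fact:
#     expiring_secrets: "{{ service_principals | json_query(query) }}"
#   vars:
#     query: "[?has(passwordCredentials[?endDate<=`{{ date_to_check }}`])].{displayName: displayName, objectId: objectId, expiring_secrets: passwordCredentials[?endDate<=`{{ date_to_check }}`].{startDate: startDate, endDate: endDate}}"
#
# - name: Print expiring secrets
#   debug:
#     var: expiring_secrets
#   when: expiring_secrets | length > 0

# AZURE_TENANT is not defined in this file; it must be supplied by the caller
# (inventory, extra vars or role defaults).
- name: get az app regs
  azure.azcollection.azure_rm_adserviceprincipal_info:
    tenant: "{{ AZURE_TENANT }}"
  register: service_principals

# NOTE(review): this writes the whole registered result into the job output,
# which is then kept wherever play logs are kept. If the dump is only needed
# while debugging, gate it with the debug module's `verbosity` option.
- name: try to print all sp's
  debug:
    var: service_principals

# The ids below are specific to one app registration and are quoted so they
# always load as strings.
# The result is registered so later tasks can read it; without a `register`
# the lookup result is discarded once the task finishes.
# NOTE(review): presumably the module returns credential metadata (key ids,
# start/end dates) rather than secret values; confirm against the module
# docs before printing the registered variable.
- name: get ad password info
  azure.azcollection.azure_rm_adpassword_info:
    app_id: "140ddce1-f5e1-45a3-84e0-38e8ec16e72b"
    tenant: "{{ AZURE_TENANT }}"
    # key_id: c13469d5-46bd-4faa-b9dc-b18cbacd144e
    app_object_id: "b1d67282-fc59-4a7d-8aab-178a6e3a8e2f"
  register: ad_password_info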